Top 10 HP NonStop Security Fundamentals
HP NonStop Technical Bootcamp 2014

About XYPRO
• Founded in 1983 – over 30 years working with the HP NonStop community!
• Specialists in mission-critical security, compliance and encryption
• XYGATE Merged Audit (XMA) and XYGATE User Authentication (XUA) bundled with NonStop operating system

XYPRO Solutions

The Need for NonStop Security
• Mission-critical business systems run on HP NonStop
• Payments, telcos, energy, manufacturing, healthcare, retail, etc.
• HP NonStop value propositions
  • “continuous availability”
  • “fault-tolerant computing”
  • “massive scalability”
  • “integrated solution stack”
  • “lowest TCO in its class”
• Is this possible without strong security?
• In today’s high-threat world, strong security is needed to protect the types of mission-critical business systems that run on HP NonStop

Top 10 HP NonStop Security Fundamentals
Because mission-critical systems need strong security

#10: Secure the default system access settings
• Protect or delete NULL.NULL
• Remove compilers from production systems
• Configure Safeguard auditing in order to meet PCI requirements
• Add and configure Safeguard security groups
• Add and configure Safeguard OBJECTTYPE records
• Secure sensitive objects
Related XYPRO Solutions: Professional Services
Lee Evans, Professional Services Manager, based in North Carolina

#9: Set up strong Safeguard authentication and password controls
• Assign all users a unique ID (PCI 8.1)
• Implement user authentication (PCI 8.2)
• Incorporate 2-factor authentication for remote access (PCI 8.3)
• Protect passwords during transmission and storage (PCI 8.4)
• Ensure proper user ID and authentication management (PCI 8.5)
Related XYPRO Solutions: Access Control (XAC), User Authentication (XUA), Password Control (XPQ)
Sean Bicknell, EMEA Sales Manager, based in UK

#8: Ensure individual accountability (no shared IDs!)
• Eliminate shared userids (PCI 8.5)
• Eliminate aliases to privileged userids
• No personal userids in the SUPER group
• No personal userids assigned to the 255 member of any group
Related XYPRO Solutions: Access Control (XAC)
Gabriel Alvarez, LATAM Sales, based in Mexico

#7: Establish granular control of user activity
• Control user activities at sub-command level
• Use ACLs to manage access to processes
• Utilize a $CMON
• Limit access to Spooler utilities
Related XYPRO Solutions: Access Control (XAC), CMON (XCM), Spoolcom Peruse (XSP)
Craig Lawrance, Europe Sales, based in UK

#6: Audit all actions of privileged access users
• Privileged users: (0,0), (0,15), (*,255), (255,*)
• Application owner and job function IDs
• Enable keystroke logging
• Audit all privileged user actions
• Ensure tamper-proof audit trails
Related XYPRO Solutions: Access Control (XAC), Merged Audit (XMA), Object Security (XOS)
Manuel Sunderland, LATAM Sales, based in Mexico

#5: Strengthen access management with role-based access control (RBAC)
• Using ACLGROUPs for RBAC
• Don’t forget auditing!
• A major note for alias users
Related XYPRO Solutions: Access Control (XAC)
Angelo Nicolaides, Global Partner Sales, based in Canada

#4: Dynamically secure all NonStop system resource objects
• Use wildcarding to reduce the number of ACLs needed and proactively protect objects
• Secure objects with any object attribute
• Use the OSS SEEP to increase security protection for OSS
• Unify NonStop security management across different nodes and operating systems
Related XYPRO Solutions: Object Security (XOS)
Jay Price, U.S. Sales, based in Nebraska

#3: Protect sensitive data
• Format Preserving Encryption
• Secure Stateless Tokenization
• NonStop data protection with no application changes
Related XYPRO Solutions: Data Protection (XDP), Voltage FPE, Voltage SST
Feng Lin, AP Sales Manager, based in Australia

#2: Continuously monitor security compliance
• Implement an ongoing security compliance process
• Use a systematic approach for NonStop-specific compliance
• Ensure the compliance program incorporates best practices
Related XYPRO Solutions: Compliance PRO (XSW), Access Control (XAC), Object Security (XOS)
Kevin Boham, U.S. Sales, based in Nebraska

#1: Audit all security-related activity and events
• Use XMA bundled with NonStop system
• Consolidate NonStop security event data
• Create alerts on important events
• Run audit reports
• Integrate with enterprise SIEMs
Related XYPRO Solutions: Merged Audit (XMA)
Ken Scudder, Bus Dev & Alliances, based in California

Conclusion
• Mission-critical systems running on NonStop need strong protection
• HP bundles important XYPRO software with the NonStop system
• XYPRO has a global team to assist you
• Top 10 NonStop Security Fundamentals are key to protecting the NonStop system
• More in-depth details about the Top 10 at xypro.com

Thank you
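
Added example (not part of the original presentation and not XYPRO or HP code): the accountability rules listed under fundamental #8 and the privileged-user patterns listed under #6, applied as an audit over a user inventory. The inventory format, its field names and every sample user are constructed for illustration; it is not Safeguard output.

```python
# Constructed inventory, NOT Safeguard output. Assumed fields per line:
# name  group,member  kind(personal|job)  alias_of(name or -)  people_with_access
INVENTORY = """\
SUPER.SUPER   255,255  job       -            1
SUPER.JSMITH  255,12   personal  -            1
OPS.MANAGER   20,255   personal  -            1
OPS.BATCH     20,7     job       -            4
APP.KLEE      30,14    personal  -            1
nightadmin    255,255  personal  SUPER.SUPER  1
NULL.NULL     0,0      job       -            1
"""

def is_privileged(group, member):
    """Privileged patterns from fundamental #6: (0,0), (0,15), (*,255), (255,*)."""
    return (group, member) in {(0, 0), (0, 15)} or member == 255 or group == 255

def parse(text):
    """Turn the constructed inventory text into a dict keyed by user name."""
    users = {}
    for line in text.splitlines():
        name, uid, kind, alias_of, people = line.split()
        group, member = (int(x) for x in uid.split(","))
        users[name] = dict(group=group, member=member, kind=kind,
                           alias_of=None if alias_of == "-" else alias_of,
                           people=int(people))
    return users

def audit(users):
    """Return (name, finding) pairs for each violation of the #8 rules."""
    findings = []
    for name, u in users.items():
        target = users.get(u["alias_of"]) if u["alias_of"] else None
        if u["people"] > 1:
            findings.append((name, "shared userid"))
        if target and is_privileged(target["group"], target["member"]):
            findings.append((name, "alias to privileged userid"))
        elif u["kind"] == "personal" and u["group"] == 255:
            findings.append((name, "personal userid in SUPER group"))
        elif u["kind"] == "personal" and u["member"] == 255:
            findings.append((name, "personal userid is member 255 of its group"))
    return findings

if __name__ == "__main__":
    for name, issue in audit(parse(INVENTORY)):
        print(f"{name:14} {issue}")
```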